Fake Apple E-mails ‘Phish’ for Billing Details

Sophos the security company highlighted a scam e-mail alert that attempted at duping recipients into going to one hijacked Internet site that apparently asked for their Apple identity credentials.

Graham Cluley, Senior Technology Consultant with Sophos thus drew Internet users' attention towards the scam e-mail that posed as an Apple message informing them their billing details had become obsolete.

Essentially, people getting e-mails having the caption: "Apple update your Billing Information," get informed that they require making personal billing records up to date else they will find the accounts they hold with Apple closed. These e-mails obviously contain one web-link that leads onto a page where the users are asked to feed in their login details and 'confirm' or 'update' their billing details.

Cluley pointed out that anyone brushing his mouse on top of the web-link would find that it tried to lead the user onto a German Internet site instead of the actual website for Apple Store. Naked Security published this in news on December 1, 2011.

Specifically, within the above instance, users may get led onto one phony login page of Apple Store that though presently has been taken offline.

Cluley stated that the perpetrators of the above scam adopted what was called a shotgun strategy, expecting numerous recipients to be ID holders with Apple as well as them getting so duped that they would willingly give away their details.

Incidentally, it seems the e-mails are getting spammed over a wide spectrum, without just confining to people using Apple Store. Moreover, as Cluley's research shows, the scam e-mails are profusely spreading not merely amongst holders of Apple IDs in spite of the fact that consumers of Apple Store are the main attack point.

Hence, the senior consultant urges anyone getting the e-mail to simply overlook it while according to him, the suggestion remains true for any other uninvited electronic mail, which solicits the recipient's sensitive information or other personal identifiable details. Additional safeguard from the above mentioned kind of scams requires deploying security software that is regularly updated so that the software can detect any incoming spam mail, Cluley concludes.